• US Citizen

• Green Card

• EAD (OPT/CPT/GC/H4)

• H1B Work Permit

• Corp-Corp

• W2-Permanent

• W2-Contract

• Contract to Hire

• Consulting/Contract

• UG :- - Not Required

• PG :- - Not Required

• No of position :- ( 1 )

• Post :- 2nd Aug 2024

QualificationsExperience with DAST (AFL, Fuzzing, Burp), including creating custom “farms”;Experience in conducting pen tests for virtualized infrastructure;Experience in analyzing mobile applications;Programming skills in Java;Experience with k8s, Docker;Experience with traffic analyzers (Wireshark, etc.);Experience in automating routine security processes;Understanding of modern software development processes and practices: Agile, SDLC, DevOps, CI/CD;Competent written and verbal communication skills (English B1, Russian B2 )Successful participation in Bug Bounty programs;CTF experience;Familiarity with OWASP Testing Guide, OWASP Code Review Guide, OWASP Secure Coding Practices;Experience working with and supporting HashiCorp Vault;Experience with network vulnerability scanners (Nessus, XSpider, MaxPatrol, etc.)Tasks within the SDLC process: analysis of analyzer results, rule refinement, evaluation of their effectiveness;Source code analysis of applications in Java;Conducting internal penetration tests;Diving into the workings of containerized applications, understanding their implementations;Preparing recommendations for identified vulnerabilities, taking into account the specifics of the technological stack and implementations